aws-ia / cloudformation-github-resource-providers Goto Github PK

Fails in both contract testing and stack creation. It creates the invitation successfully in the organization, but then immediately fails with AlreadyExists.

Resource handler returned message: "Error: Resource of type 'GitHub::Repositories::Collaborator' 
with identifier 'Collab' already exists." 
(RequestToken: 1ab35620-a3ea-bcec-6c21-478165ff5286, HandlerErrorCode: AlreadyExists)

If your CFN template tries to update the "Visibility" property for GitHub::Repositories::Repository with the current value, the update will fail. For example, if your repo visibility is already private and your template specifies Visibility: Private, the update operation will fail.

Proposed fix: the handler code should contain a check to see if the Visibility property value needs to be changed before trying to execute the update.

https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets

https://docs.github.com/en/rest/repos/rules?apiVersion=2022-11-28

It would be useful to be able to add secrets to orgs and repos:

• https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-a-repository-secret
• https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret

Thanks!

Hello,

We would like to use the GitHub::Repositories::Repository resource on a repository that already exists so that we can make future changes from CloudFormation.

However, by doing so, we logically receive a 422 HTTP code (already exists).

Can we consider adding an option to authorize the import?

Either :

• via an additional property on the GitHub::Repositories::Repository resource
• in the configuration of the resource, add in the JSON, in addition to the access token, an option "allow import"?

The second option seems preferable in order to avoid changing the properties of GitHub::Repositories::Repository unnecessarily.

What do you think about it?

We'll be happy to help implement the feature if you think it's a good idea !

Hello, while trying to activate the extensions, we noticed that two of them are not published yet.

The following extensions are not published in Cloudformation:

• GitHub::Repositories::Secret
• GitHub::Organizations::Secret

Also the GitHub::Organizations::Secret README title is incorrect because at the moment it's the README title of GitHub::Repositories::Webhook.

It would be nice if the GitHubAccess would not have to be part of the deployed template, but instead could be configured per-account.

See https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-model.html#resource-type-howto-configuration

I'm not sure how this would work with backward compatibility, but both as an example and for new users, this would be a better experience.

When changing the name of a repository, a new repository is created and the old one is deleted.

The expectation would be that only the name changes, while keeping its content.

Note that the "id" of the ressource remain the same.

Code:

new CfnRepository(this, `GithubRepositoryTestFromCdk`, {
    name: 'test-from-cdk-rename, // Changing this value
    organization: orgName,
  });

The CDK diff output also suggest that only the name of the repository would change and there's no indication of replacement.

[~] GitHub::Repositories::Repository GithubRepositorytest-with-cdk GithubRepositorytestwithcdk 
 └─ [~] Name
     ├─ [-] test-from-cdk
     └─ [+] test-from-cdk-rename